Technology

These discounted tablets, headphones, and kitchen goods can still make it under the tree—if you hurry.

• Movies and shows are licensed rather than sold outright
• Pay-TV and video on demand are usually licensed before streaming
• Rights are increasingly being licensed to multiple platforms

If like me you enjoy nothing more than watching a great new movie on great home cinema kit, you've probably asked this question more than once about an exciting new release: when's it coming to one of the best streaming services – and which streamer is it coming to? And the answer is: it's complicated.

In a simpler world every movie would come to every streaming service. But of course we live in a world that's much messier, which is why we write separate guides to cover the best movies coming to Netflix, to Disney Plus, to Max, to Prime Video, to Paramount Plus and to Apple TV Plus.

So how do certain movies end up on certain streamers, and who decides who gets what and when? Let's find out.

How movies aren't sold

Some streamers are also in the movie business: Netflix's Beverly Hills Cop: Axel F was a Netflix Original. (Image credit: Netflix )

It's important to clarify what it means when we talk about films being released. Films aren't sold outright; in most cases, the companies that paid for them own them and like to keep it that way. What studios and their distributors do is sell licenses to show, sell or stream movies in a particular way, in a particular place, for a particular period of time.

When your local megaplex shows Wicked, it hasn't bought the movie; the theater chain has bought a licence to screen it in certain territories for a few weeks or months. Similarly, when Prime Video, Max or Paramount Plus offers a movie as part of your membership, the streamer has bought a licence that gives it the right to stream it – again, in certain territories for a certain period of time.

In addition to being licensed to different companies in different parts of the world, movie licenses are also sold in several stages. A studio movie will typically be shown in theaters first, made available digitally as pay-per-view or buy-to-own, and then made available on streaming.

Things are slightly different with TV shows, because of course there's not a theatrical release. But unless a show is made in-house by a streamer, it'll be licensed in much the same way that movies are.

Windows on the world

Apple TV Plus released Wolfs in theaters, but only for one week. (Image credit: Sony Pictures / Apple)

The movie business uses the term "release windows" to describe the different stages of a movie release campaign. So you have the theatrical release window, the pay-per-view window, the first streaming release window and so on.

The first release window is the original theatrical release. That used to be very long, typically three to six months or more, and then COVID came along. With theaters shut the studios either massively reduced the theatrical release window or abandoned it completely, turning to pay per view and streaming deals instead. And while COVID closures are thankfully a thing of the past, the much shorter theatrical windows remain.

Theatrical licences are traditionally exclusive: you won't usually be able to rent or buy a movie anywhere while it's still having its initial theatrical run. But the time between a movie hitting theaters and being available to rent, buy or stream is much shorter than it used to be.

Everything's accelerating

Five Nights at Freddy's took an unusual approach with a simultaneous theatrical and streaming release. (Image credit: Blumhouse/Universal)

According to Indiewire, the average theatrical window across all the big studio movies in 2023 was just 37 days. There were outliers such as Oppenheimer, which spent 122 days as a theater-only release. But that one was really unusual. The same studio's Super Mario Bros Movie was more typical (and more profitable), ending its theatrical run after 41 days.

Indiewire's analysis shows that Taylor Swift's Eras Tour movie ran for 60 days while Disney movies averaged 62 days, A24 movies 48 days, Paramount 42 days and Sony 35 days. The shortest theatrical window? Five Nights At Freddy's, which didn't have one: it was available on Peacock from day one.

FNAF was the third-biggest horror movie opening in cinema history but its release isn't likely to be widely copied. The consensus is that simultaneous releases are more likely to cannibalize box office sales – especially in genres such as horror, which teens like to see together in theaters – and by missing out on the word of mouth that can turn modest successes into big ones.

When the run is done

Barbie followed a typical schedule: theaters first, then buy to own, then streaming (Image credit: Warner Bros. Pictures)

Once the theatrical run is done, it's time for the release window that matters to streamers. That's called the Pay One Window, and it's when movies move from theaters to home viewing.

During the Pay One Window, the rights to show a movie are sold to two different markets: the PVOD/TVOD market (paid/transactional video on demand, aka pay-to-rent and buy-to-own) and the SVOD market, which is short for streaming video on demand.

SVOD means streamers such as Max, Prime, Netflix and Hulu; TVOD means rental and purchases on the likes of Apple TV (but not Apple TV+), Google Play, the Microsoft Store, Amazon (but not Included With Prime) and other digital storefronts.

It's always clearest if we use a real example, so let's take Barbie. Barbie's theatrical run started in July 2023 and stayed exclusive to theaters until September 2023, when it became available through TVOD platforms as a pay-to-rent and buy-to-own digital release. It then became available for Max subscribers to stream in December 2023.

When the Pay One Window expires, it's time to sell more licences. This next release window is known as the Pay Two Window, and it's when older movies are licensed, often to other streaming services than during the Pay One period. For example, Sony has a Pay One deal in place with Netflix but a Pay Two deal with all the Disney platforms.

Of the two windows, the Pay One Window is the more desirable: pent-up demand for big-name movies drives sales of new streaming subscriptions in a way that older movies don't. But Pay Two Window licences tend to be cheaper, and that means they enable streamers to expand their catalogs relatively cheaply.

Relationship status: it's complicated

Joker Folie à Deux was released on Max two-months after its theatrical run. (Image credit: Warner Bros. Pictures)

Traditionally, Pay One Window deals were for up to 18 months and were exclusive – so if a movie was going to Peacock then it wouldn't also go to Amazon Prime for at least a year and a bit. But modern movie markets are much messier, and as Variety reports, most studios now licence to multiple streamers either simultaneously or slightly staggered.

As if that wasn't complicated enough, some of the movie studios also own streamers and some of the streamers make movies. So for example Apple TV+ and Netflix make movies that hit theaters first but which were made with streaming in mind; Disney the company owns Disney the studio and Disney Plus the streamer, so Disney movies will move to Disney Plus after their theatrical run finishes. But Disney also owns 20th Century Fox and Searchlight, and those movies don't just end up with Disney+ or the Disney-owned Hulu; they are usually licensed to HBO and Max too.

Here's how Variety describes it. "Netflix gets major studio fare from Sony Pictures and additional prestige films from Sony Pictures Classics, while Prime Video offers rotating selections of Universal and Paramount titles, alongside Amazon’s MGM films after they’re done on MGM+. Disney’s streamers eventually get Sony titles, too, and Hulu is also where art-house distributor Neon’s films stream after their theatrical runs."

As we said, it's complicated – and it'll only get more so.

You might also like

• The best streaming services
• The best streaming deals to save you money
• Enjoy movies and shows on one of the best TVs

Commentary: Robots at SmartSKN Labs used AI to make me a personalized skin care line. Could they disrupt a $182 billion industry?

The latest development aligns with Apple's rumored strategy to go all in on smart home technology.

• HBM is fundamental to the AI revolution as it allows ultra fast data transfer close to the GPU
• Scaling HBM performance is difficult if it sticks to JEDEC protocols
• Marvell and others wants to develop a custom HBM architecture to accelerate its development

Marvell Technology has unveiled a custom HBM compute architecture designed to increase the efficiency and performance of XPUs, a key component in the rapidly evolving cloud infrastructure landscape.

The new architecture, developed in collaboration with memory giants Micron, Samsung, and SK Hynix, aims to address limitations in traditional memory integration by offering tailored solutions for next-generation data center needs.

The architecture focuses on improving how XPUs - used in advanced AI and cloud computing systems - handle memory. By optimizing the interfaces between AI compute silicon dies and High Bandwidth Memory stacks, Marvell claims the technology reduces power consumption by up to 70% compared to standard HBM implementations.

Moving away from JEDEC

Additionally, its redesign reportedly decreases silicon real estate requirements by as much as 25%, allowing cloud operators to expand compute capacity or include more memory. This could potentially allow XPUs to support up to 33% more HBM stacks, massively boosting memory density.

“The leading cloud data center operators have scaled with custom infrastructure. Enhancing XPUs by tailoring HBM for specific performance, power, and total cost of ownership is the latest step in a new paradigm in the way AI accelerators are designed and delivered,” Will Chu, Senior Vice President and General Manager of the Custom, Compute and Storage Group at Marvell said.

“We’re very grateful to work with leading memory designers to accelerate this revolution and, help cloud data center operators continue to scale their XPUs and infrastructure for the AI era.”

HBM plays a central role in XPUs, which use advanced packaging technology to integrate memory and processing power. Traditional architectures, however, limit scalability and energy efficiency.

Marvell’s new approach modifies the HBM stack itself and its integration, aiming to deliver better performance for less power and lower costs - key considerations for hyperscalers who are continually seeking to manage rising energy demands in data centers.

ServeTheHome’s Patrick Kennedy, who reported the news live from Marvell Analyst Day 2024, noted the cHBM (custom HBM) is not a JEDEC solution and so will not be standard off the shelf HBM.

“Moving memory away from JEDEC standards and into customization for hyperscalers is a monumental move in the industry,” he writes. “This shows Marvell has some big hyperscale XPU wins since this type of customization in the memory space does not happen for small orders.”

The collaboration with leading memory makers reflects a broader trend in the industry toward highly customized hardware.

“Increased memory capacity and bandwidth will help cloud operators efficiently scale their infrastructure for the AI era,” said Raj Narasimhan, senior vice president and general manager of Micron’s Compute and Networking Business Unit.

“Strategic collaborations focused on power efficiency, such as the one we have with Marvell, will build on Micron’s industry-leading HBM power specs, and provide hyperscalers with a robust platform to deliver the capabilities and optimal performance required to scale AI.”

More from TechRadar Pro

• SK Hynix teams up with TSMC to advance HBM development
• Samsung rival unveils “world’s largest capacity” 16-Layer HBM3e chips
• Samsung confirms next generation HBM4 memory is in fact Snowbolt

One user told WIRED that Google Maps directed them to “drive right into a wall that’s been up since 2003.”

Get those muscles working with these smart home gyms of 2024, tried and tested by our fitness experts.

Basic and premium pricing is staying the same, but for the highest tier of service, X has raised the price significantly.

• CISA has released an advisory for US government communications
• Government officials are encouraged to lock down their devices
• This follows the discovery foreign actors have breached US telecoms networks

CISA has urged ‘highly targeted’ individuals in the US Government or in senior political positions to immediately review and implement strict security measures with their mobile devices.

This comes after multiple major US telecoms firms were hit by security breaches earlier in 2024, most likely originating from state-sponsored Chinese hackers.

Recent reports also confirmed that the group behind the attack, Salt Typhoon, had not yet been fully eradicated, and still lurks inside US telecoms networks.

Lockdown mode

As part of its advisory, CISA also released a best practice guide for mobile communications, which includes instructions on using end-to-end encryption, password managers, Fast Identity Online (a phishing resistance authentication), and advice on how to migrate away from SMS based multi factor authentication.

CISA recommends iPhone users turn on ‘Lockdown mode’, which strictly limits certain apps and makes many features unavailable in order to reduce the attack surface that attackers could potentially exploit.

The scale of this attack makes it a serious concern for any high-ranking officials, with major networks like Verizon, AT&T, and Lumen Technologies found to have threat actors with access inside their systems.

“Highly targeted individuals should assume that all communications between mobile devices — including government and personal devices — and internet services are at risk of interception or manipulation,” CISA said.

Communications remain an attractive target for foreign actors, as breaches can result in significant disruptions and sensitive data loss.

US communications in particular have come under attack this year, especially against government and political targets in the run up to the US election last month. A ‘hack and leak’ campaign hit president-elect Donald Trump on the campaign trail in an attempt to compromise the campaign, which resulted in two indictments for the suspected individuals.

Via The Record

You might also like

• Take a look at our pick of the best firewalls around
• Volt Typhoon is actually a CIA asset, China claims
• Check out our choices for best malware removal software

Unwind with a lineup of festive (and sappy) holiday flicks.

Diarra from Detroit, The Pradeeps of Pittsburgh—these are the shows you might not have watched in 2024, but definitely still should.

Thomson Reuters will pay out a $27.5 million settlement to people whose information was exposed by its Clear AI product, but the window to opt-in closes this week.

The American public elected Donald Trump to run the federal government. His erratic patron seems to think the job is also his.

From The Bikeriders to The Order, these are the movies you should watch before the year is through.

Despite Q's long silence, QAnon beliefs have never been more prevalent—and as Donald Trump prepares to reenter the White House, excitement among the faithful is at an all-time high.

• Researchers said that Rockstar2FA went quiet in November 2024
• But a new PaaS emerged soon afterwards, with partly overlapping infrastructure
• The new PaaS is called FlowerStorm, and it targets Microsoft365 accounts

Cybersecurity researchers from Sophos have warned a new Phishing-as-a-Service (PaaS) tool has emerged, allowing threat actors to easily hunt for people’s Microsoft 365 credentials.

This tool is called FlowerStorm, and it might have emerged from the (defunct) Rockstar2FA, the company revealed, noting how in November, detections for Rockstar2FA have “suddenly gone quiet”.

The organization’s infrastructure was taken offline, at least partly, for reasons yet unknown - but the researchers don’t think this was the work of law enforcement, though.

Long live FlowerStorm?

Rockstar2FA was a PaaS platform designed to bypass two-factor authentication (2FA), primarily targeting Microsoft 365 accounts. It worked by intercepting login processes to steal session cookies, allowing attackers to access accounts without needing credentials or verification codes. Through a simple interface and Telegram integration, threat actors that purchased a license could manage their campaigns in real time.

The new platform, which emerged in the weeks after Rockstar2FA went quiet, was dubbed FlowerStorm by the researchers. Apparently, much of its tools and features overlap with that of Rockstar2FA, which is why Sophos speculates that it could be its (spiritual) successor.

The vast majority of the targets chosen by FlowerStorm users (84%) are located in the United States, Canada, United Kingdom, Australia, and Italy, Sophos added.

Companies in the States were most frequently targeted (60%), followed by Canada (8.96%). Overall, almost all (94%) of FlowerStorm targets were either in North America or Europe, with the rest falling on Singapore, India, Israel, New Zealand, and the United Arab Emirates.

The majority of the victims are in the service industry, namely firms providing engineering, construction, real estate, and legal services and consulting.

Defending against FlowerStorm is the same as against any other phishing attack - using common sense and being careful with incoming emails.

You might also like

• This worrying new phishing attack is going after Microsoft 365 accounts
• Here's a list of the best antivirus tools on offer
• These are the best endpoint protection tools right now

Cameras can offer peace of mind, but choose carefully when you’re inviting one into your home.

• Ascension was struck by ransomware attack in May 2024
• It has now concluded its investigation into the attack
• Sensitive data on almost 5.6 million people was stolen

Hackers that struck Ascension with ransomware managed to steal a whole treasure trove of sensitive customer information, with medical information, personally identifiable information, payment data, and more all compromised.

The US healthcare giant has now released new details about the ransomware attack, and filed a new form with the Office of the Maine Attorney General.

The cyberattack occurred on May 7 and 8, leading to significant disruptions in clinical operations. Employees were unable to access electronic health records and patient portals, and some facilities were even forced to divert ambulances, and elective care was paused in the aftermath.

Disrupting healthcare

In the filing, the firm said exactly 5,599,699 people were affected by the incident, and in the update, it added that the information crooks took included:

• medical information (medical record number, date of service, types of lab tests, or procedure codes)
• payment information (credit card information or bank account number)
• insurance information (Medicaid/Medicare ID, policy number, or insurance claim)
• government identification (Social Security number, tax identification number, driver’s license number, or passport number)
• and other personal information (date of birth or address).

While the attack seems enormous, putting millions at risk of identity theft, wire fraud, phishing and social engineering attacks, Ascension is keeping a positive outlook.

“Although patient data was involved, importantly, there remains no evidence that data was taken from our Electronic Health Records (EHR) and other clinical systems, where our full patient records are securely stored," it said.

The company said it will now start notifying affected individuals, and expects the job to be done within three weeks.

At press time, no threat actors took responsibility for the attack, and we don’t know if Ascension paid any ransom in exchange for the data - although it did say the attack hurt its ability to recover from the previous financial year.

You might also like

• Ascension healthcare giant forced to take systems offline following cyberattack
• Here's a list of the best antivirus tools on offer
• These are the best endpoint protection tools right now

• Two 15W drivers in a very small cube-style case
• Digital signal processing adjusts speaker output to emulate distance
• Available from Japan for roughly $255

One of the key things about stereo sound is that to get it, you need decently spaced stereo speakers. And that's a problem for small devices where you can't space the speakers out enough to get a large stereo sound stage. Manufacturers have come up with lots of tricks to make small speakers sound bigger, but to the best of my knowledge Pavé's little speaker is unique: it's got a gyroscope inside.

The Cear Pavé is an exceptionally small speaker, just over three and a half inches in each dimension, that promises to sound much bigger, with a stereo image close to what you'd hear from a traditional twin-speaker setup. And to do that, it uses clever technology to mess with your brain.

Pychoacoustics, qu'est-ce que c'est?

According to Notebookcheck.net, The speaker uses a combination of digital signal processing and what's known as psychoacoustics, which is the study of how we perceive sound.

We don't just hear sound directly. We hear its reflections and its vibrations too, and with a bit of technological trickery, you can adjust the output of speakers to emulate that – so for example by slightly adjusting the timing of certain frequencies to your speaker drivers you can replicate the short delay that would come from having a speaker placed a little further away from you.

In this speaker the processing is carried out by a Qualcomm S5 Gen 2 chip and then delivered via twin 15-watt drivers to deliver a much larger-sounding stereo sound than you'd expect from such a small speaker.

The Pavé isn't the only speaker to do this, of course: Sony's Reality Audio, and similar systems from other firms, also use digital signal processing to make their speakers sound bigger. But it also contains the aforementioned gyroscope to detect the movement and positioning of the speaker and to adjust its stereo effect accordingly.

Here's how it works, according to Cear's patent: Its "sound processing device includes an equalizer that tunes the frequency characteristic so that a frequency characteristic of the sound wave listened in a second environment replicates the frequency characteristic of a sound wave listened in a first environment." So there you have it. Qualcomm has a good explainer on its developer blog too.

I haven't heard this particular speaker but I'd like to: we've come a long way from the frankly crap "virtual stereo" and "virtual surround" of early Bluetooth speakers and soundbars; when it's done well, digital signal processing can produce quite startling results.

You might also like

• The best Bluetooth speakers you can buy today
• The best wireless speakers for 2024 and beyond
• The best AirPlay speakers

It's Wi-Fi- and Bluetooth-enabled, can play music as you shower, and has a motion-sensing full-color light and even a humidity sensor.